Server : Apache System : Linux server2.corals.io 4.18.0-348.2.1.el8_5.x86_64 #1 SMP Mon Nov 15 09:17:08 EST 2021 x86_64 User : corals ( 1002) PHP Version : 7.4.33 Disable Function : exec,passthru,shell_exec,system Directory : /home/corals/old/vendor/web-token/jwt-framework/src/Component/NestedToken/ |
<?php
declare(strict_types=1);
namespace Jose\Component\NestedToken;
use InvalidArgumentException;
use Jose\Component\Core\JWK;
use Jose\Component\Encryption\JWEBuilder;
use Jose\Component\Encryption\Serializer\JWESerializerManager;
use Jose\Component\Signature\JWSBuilder;
use Jose\Component\Signature\Serializer\JWSSerializerManager;
use function array_key_exists;
use function is_array;
class NestedTokenBuilder
{
public function __construct(
private readonly JWEBuilder $jweBuilder,
private readonly JWESerializerManager $jweSerializerManager,
private readonly JWSBuilder $jwsBuilder,
private readonly JWSSerializerManager $jwsSerializerManager
) {
}
/**
* Creates a nested token.
*
* @param array{array{key: JWK, protected_header?: array<string, mixed>, header?: array<string, mixed>}} $signatures
* @param array{alg?: string, string?: mixed} $jweSharedProtectedHeader
* @param array{alg?: string, string?: mixed} $jweSharedHeader
* @param array{array{key: JWK, header?: array<string, mixed>}} $recipients
*/
public function create(
string $payload,
array $signatures,
string $jws_serialization_mode,
array $jweSharedProtectedHeader,
array $jweSharedHeader,
array $recipients,
string $jwe_serialization_mode,
?string $aad = null
): string {
$jws = $this->jwsBuilder->create()
->withPayload($payload);
foreach ($signatures as $signature) {
if (! is_array($signature) || ! array_key_exists('key', $signature)) {
throw new InvalidArgumentException(
'The signatures must be an array of arrays containing a key, a protected header and a header'
);
}
$signature['protected_header'] = array_key_exists(
'protected_header',
$signature
) ? $signature['protected_header'] : [];
$signature['header'] = array_key_exists('header', $signature) ? $signature['header'] : [];
$jws = $jws->addSignature($signature['key'], $signature['protected_header'], $signature['header']);
}
$jws = $jws->build();
$token = $this->jwsSerializerManager->serialize($jws_serialization_mode, $jws);
$jweSharedProtectedHeader['cty'] = 'JWT';
$jwe = $this->jweBuilder
->create()
->withPayload($token)
->withSharedProtectedHeader($jweSharedProtectedHeader)
->withSharedHeader($jweSharedHeader)
->withAAD($aad);
foreach ($recipients as $recipient) {
if (! is_array($recipient) || ! array_key_exists('key', $recipient)) {
throw new InvalidArgumentException(
'The recipients must be an array of arrays containing a key and a header'
);
}
$recipient['header'] = array_key_exists('header', $recipient) ? $recipient['header'] : [];
$jwe = $jwe->addRecipient($recipient['key'], $recipient['header']);
}
$jwe = $jwe->build();
return $this->jweSerializerManager->serialize($jwe_serialization_mode, $jwe);
}
}